Current processors may provide support for a trusted execution environment such as a secure enclave. Secure enclaves include segments of memory (including code and/or data) protected by the processor from unauthorized access including unauthorized reads and writes. In particular, certain processors may include Intel® Software Guard Extensions (SGX) to provide secure enclave support. In particular, SGX provides confidentiality, integrity, and replay-protection to the secure enclave data while the data is resident in the platform memory. The on-chip boundary forms a natural security boundary, where data and code may be stored in plaintext and assumed to be secure. Intel® SGX may not protect I/O data such as audio data that moves across the on-chip boundary.
Trusted I/O (TIO) technology enables an application to send and/or receive I/O data securely to/from a device, such as an audio controller. In addition to the hardware that produces or consumes the I/O data, several software and firmware components in the I/O pipeline might also process the data. Certain computing devices may include a central cryptographic engine capable of intercepting direct memory access (DMA) transactions to or from I/O controllers and providing cryptographic protection to the DMA payload.